finishing-a-development-branch
Pass
Audited by Gen Agent Trust Hub on Mar 21, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local system commands to run project test suites (e.g., `npm test`, `pytest`, `cargo test`, `go test`). These commands are essential for verifying code quality before merging.
- [COMMAND_EXECUTION]: It performs extensive Git operations, including `git merge`, `git checkout`, `git branch -d`, and `git worktree remove`. Destructive actions, such as branch deletion in Option 4, require explicit user confirmation ('discard').
- [EXTERNAL_DOWNLOADS]: The skill interacts with remote repositories using `git pull`, `git push`, and the GitHub CLI (`gh pr create`). These operations are directed at the developer's configured origin and official GitHub services.
- [INDIRECT_PROMPT_INJECTION]: The skill ingests data from external sources such as branch names, merge-base results, and test suite output.
  - Ingestion points: branch names via `git branch --show-current`, test results from the console, and commit lists.
  - Boundary markers: the skill uses a quoted heredoc (`cat <<'EOF'`) for the pull request body, so that ingested content placed in the body is not subject to shell interpolation (parameter expansion or command substitution).
  - Capability inventory: subprocess execution (tests, git), file-system modification (git operations), and network operations (push/PR).
  - Sanitization: the quoted heredoc and structured prompts mitigate the shell-interpolation risk, but the skill still reads external textual data, which a heredoc does not sanitize. Severity is assessed as low given the local developer context.
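The boundary-marker finding above turns on the difference between `<<EOF` and `<<'EOF'` when ingested text is written verbatim into the command the skill emits. The script below is an added illustration, not code from the skill or the audit: it simulates the skill composing a `cat` heredoc whose body contains a constructed hostile branch name, runs that composed text through a child `sh` exactly as a tool runner would, and compares the unquoted and quoted forms. It also checks the remaining failure mode, ingested text that contains the delimiter on a line of its own, which ends the heredoc early regardless of quoting. `BRANCH_NAME`, `render_unquoted`, `render_quoted` and `heredoc_safe` are names chosen here for the example.

```shell
#!/bin/sh
# Added example (not from the skill or the audit). All inputs are constructed.

# Constructed hostile branch name, standing in for `git branch --show-current`
# output that the skill would ingest and paste into a PR body.
BRANCH_NAME='feature/$(echo INJECTED)'

# The skill emits a command as text; the ingested name is spliced into that
# text verbatim by the outer shell, and the child sh then parses it the way
# the agent's tool runner would.

render_unquoted() {
  # Unquoted delimiter: the heredoc body is expanded, so the command
  # substitution hidden in the branch name runs.
  sh -c "cat <<EOF
Branch: $BRANCH_NAME
EOF
"
}

render_quoted() {
  # Quoted delimiter (the pattern the audit credits): the body is literal,
  # no parameter expansion or command substitution takes place.
  sh -c "cat <<'EOF'
Branch: $BRANCH_NAME
EOF
"
}

heredoc_safe() {
  # Quoting does not help if the ingested text contains the delimiter on a
  # line by itself: the heredoc closes early and the rest is parsed as shell.
  # Returns 0 when no line of "$1" equals the delimiter "$2", 1 otherwise.
  printf '%s\n' "$1" | grep -qx -- "$2" && return 1
  return 0
}

# Stand-alone demonstration.
echo "unquoted: $(render_unquoted)"
echo "quoted:   $(render_quoted)"
if heredoc_safe "$BRANCH_NAME" EOF; then
  echo "delimiter check: ok"
else
  echo "delimiter check: delimiter present, choose another marker"
fi
```

The unquoted form prints `Branch: feature/INJECTED`, the quoted form prints the branch name exactly as ingested. Before emitting a heredoc, a skill should run the delimiter check against the content it is about to embed (or pick a delimiter that cannot appear in it); an alternative that avoids heredoc parsing altogether is to write the body with `printf '%s'` to a temporary file and pass it to `gh pr create --body-file`.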
Audit Metadata